How To Authenticate Files On Iphone
Mac and iPhone/iPad authentication
TRITON AP-WEB solutions can be used to authenticate or place Mac and iPhone/iPad users for user- or group-based filtering.
For Mac computers, see:
| | Authentication for Mac computers |
| | Enabling transparent identification of Mac users with DC Agent |
| | Authenticating Mac users with Content Gateway |
| | Typical steps for joining a Mac to an Active Directory domain |
For iPhones/iPads, see:
| | Authentication for iPhones and iPads |
For a list of Ofttimes Asked Questions regarding Mac and iPhone/iPad authentication, encounter How do I utilize Websense Spider web Security solutions to authenticate or identify Mac users for user- or group-based filtering?
Hallmark for Mac computers
TRITON AP-WEB solutions tin can be used to cosign or identify Mac users for user- or grouping-based filtering. These restriction utilise:
| | Authentication and identification require that users vest to an Active Directory. |
| | Protocol block letters cannot be displayed on Macs. |
If your organization uses DC Amanuensis for transparent user identification, see Enabling transparent identification of Mac users with DC Agent.
If your organisation uses Logon Amanuensis for transparent user identification, come across Deploying the logon application for Mac clients.
If your arrangement uses Content Gateway to authenticate users, see Authenticating Mac users with Content Gateway.
Manual (prompted) authentication tin can as well exist used to enable user and group-based filtering of Mac users.
Enabling transparent identification of Mac users with DC Agent
In order for DC Agent to identify the user on a Mac workstation, the Mac must mount a file share on the domain controller. This tin can be done by configuring the Mac to use a file share on the domain controller machine as the user's home directory, or by mounting another share with the domain controller.
| | Annotation If the Mac just logs to the domain without mounting a file share, information technology will non be visible to DC Agent. |
Configuration summary:
| | Ensure that each participating Mac user is a fellow member of a mutual Active Directory. See your Active Directory documentation. |
| | Create a home folder for each Mac user, and make sure that it is attainable to the user. Meet the first paragraph of this department. |
When the user logs on to the properly configured Mac Bone 10 arrangement, the Mac mounts a network directory as the user'due south home directory, the DC Amanuensis user map is populated, and user and group-based policies can exist applied to user requests. When requests are blocked, browser-based block pages are displayed normally.
Authenticating Mac users with Content Gateway
Using the Integrated Windows Authentication (IWA) feature of Content Gateway, Mac users can be transparently authenticated when the user is a member of an Agile Directory domain and the Mac computer is joined to the Active Directory domain. For more information encounter Integrated Windows Hallmark.
Configuration summary:
| | Ensure that each Mac computer is joined to the Agile Directory domain. Meet Typical steps for joining a Mac to an Active Directory domain. |
| | Ensure that each participating Mac user is a member of a common Active Directory. See your Active Directory documentation. |
| | Ensure that Content Gateway is joined to the Active Directory domain. |
| | If Content Gateway is not configured for IWA, run across Integrated Windows Authentication and apply the configuration instructions. |
| | If Content Gateway is already configured for IWA and your Mac users belong to the currently joined domain, in that location is nada to do. |
| | If Content Gateway is already configured for IWA and your Mac users belong to a different Active Directory domain, utilise the Rule-Based Hallmark characteristic. See Dominion-Based Authentication and follow the configuration instructions. |
| | When Content Gateway is an explicit proxy, configure participating Mac systems and browsers to send HTTP, HTTPS, and FTP requests to the Fully Qualified Domain Proper noun (FQDN) of Content Gateway. Alternatively, specify the IP address of Content Gateway if NTLM is adequate. |
If Content Gateway is a transparent proxy, no additional Mac system or browser configuration is required.
| | Important Safari users may be prompted for credentials the first fourth dimension they open a browser. The user should enter their credentials and check the "Remember password in keychain" check box. FireFox users may receive an "Proxy Authentication Required" error message. This is a known issue in FireFox (http://support.mozilla.org/en-US/questions/926378) and is easily corrected by irresolute the browser configuration. In Nearly:Config prepare the post-obit options to false:
|
Typical steps for joining a Mac to an Active Directory domain
| 1. | Using an account with Administrator privileges, log on to the Mac computer that yous want to join to an Active Directory domain. |
| two. | Open the Directory Utility. On Os X 10.6 (Snow Leopard), go to: |
/System/Library/CoreServices
| 3. | If necessary, click the padlock icon and enter your password to unlock the Directory Utility. |
| 4. | Select the box next to Agile Directory to enable Active Directory support. |
| 5. | Highlight Active Directory and click on the Pencil icon to configure the Active Directory connection. |
| 6. | Under Domain, enter the Fully Qualified Domain Name (FQDN). |
| 7. | Under Computer ID, enter the estimator proper noun. |
| 8. | Click Bind. Yous are prompted for network credentials and a computer OU. Enter your OU admin account and password, and the computer OU location. For instance: |
ou=computers,ou=orgunits,dc=advertising,dc=example,dc=com
Your machine volition be bound to the specified Active Directory.
| 9. | Click Apply in the Directory Utility to save your changes and restart the auto. |
Authentication for iPhones and iPads
Proxy-based user authentication is supported by the Content Gateway (proxy) component of TRITON AP-WEB, resulting in user- or group-based filtering.
User identification via DC Agent is non supported and, therefore, there is no user- or grouping-based filtering solution with Web Filter & Security or TRITON AP-WEB. Filtering can be provided to those devices based on IP address or network range.
Content Gateway user hallmark has the following features and restrictions:
| | Works with the authentication method configured in Content Gateway. Users must vest to the associated user directory. |
| | Supports the Safari browser. Other browsers may not work as expected. |
| | Transparent authentication is not supported. The user is always prompted for credentials. |
| | Works in transparent and explicit Content Gateway deployments. |
| | Many iPhone and iPad apps do not piece of work well with Content Gateway (or whatsoever Web proxy) because they are not well programmed to handle proxy user authentication. |
Explicit proxy settings tin can be configured in the iOS Network settings surface area.
Source: https://www.websense.com/content/support/library/web/v81/wcg_help/auth_mac_idevice.aspx
0 Response to "How To Authenticate Files On Iphone"
Post a Comment